Lucene search
K

226 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.9 views

CVE-2024-40480

A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access...

9.8CVSS9.3AI score0.00534EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.5 views

CVE-2024-40479

A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter...

8.1CVSS8.6AI score0.00797EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.8 views

CVE-2024-40478

A Stored Cross Site Scripting XSS vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields...

5.4CVSS5.5AI score0.00604EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:29 a.m.4 views

CVE-2024-57370

Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter...

6.1CVSS6.1AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:30 a.m.6 views

CVE-2023-2697

A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. It is possible to launch the...

9.8CVSS7.5AI score0.0082EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:28 a.m.9 views

CVE-2023-2642

A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/faceboxmodal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possibl...

9.8CVSS7.4AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.9 views

CVE-2023-2770

A vulnerability classified as critical was found in SourceCodester Online Exam System 1.0. This vulnerability affects unknown code of the file /kelasdosen/data. The manipulation of the argument columns1data leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

8.8CVSS7.6AI score0.00734EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.9 views

CVE-2023-2693

A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. The attack...

9.8CVSS7.4AI score0.0082EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.8 views

CVE-2023-2695

A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. The attack can be...

9.8CVSS7.6AI score0.0082EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:49 a.m.12 views

CVE-2023-2694

A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. It is possible to initiate th...

9.8CVSS7.4AI score0.0082EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.10 views

CVE-2023-2771

A vulnerability, which was classified as critical, has been found in SourceCodester Online Exam System 1.0. This issue affects some unknown processing of the file /jurusanmatkul/data. The manipulation of the argument columns1data leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS7.4AI score0.00734EPSS
Exploits1References1
OSV
OSV
added 2025/04/21 3:15 p.m.3 views

CVE-2025-28121

code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting XSS in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code...

6.1CVSS6.1AI score0.00779EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/03/30 1:3 a.m.16 views

CVE-2025-28087

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...

9.8CVSS8.5AI score0.00458EPSS
Exploits1References1
NVD
NVD
added 2025/03/28 10:15 p.m.7 views

CVE-2025-28087

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...

9.8CVSS0.00458EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 10:15 p.m.2 views

CVE-2025-28087

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...

9.8CVSS5.8AI score0.00458EPSS
Exploits1References1
CVE
CVE
added 2025/03/28 12:0 a.m.63 views

CVE-2025-28087

CVE-2025-28087 affects Sourcecodester Online Exam System 1.0. The dash.php SQL injection vulnerability allows remote, unauthenticated access with high impact on confidentiality, integrity, and availability (CVSSv3.1: 9.8). ADP notes a PoC exploit is available; no patch/version remediation is spec...

9.8CVSS8.4AI score0.00458EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.9 views

PT-2025-13580 · Unknown · Sourcecodester Online Exam System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Exam System version 1.0 Description: The issue is related to SQL Injection via the dash.php file. This allows for potential exploitation. Recommendations: For Sourcecodester Online Exam System version 1.0, consider...

9.8CVSS7.4AI score0.00458EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/03/28 12:0 a.m.18 views

CVE-2025-28087

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...

0.00458EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/28 12:0 a.m.7 views

CVE-2025-28087

Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...

8.1AI score0.00458EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

Code-Projects Online Exam Mastering System 安全漏洞

Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. A security vulnerability exists in Code-Projects Online Exam Mastering System v1.0, which stems from an incorrect manipulation of the parameter fid that can lead to SQL injection...

9.8CVSS7.3AI score0.00726EPSS
Exploits1References2
Rows per page
Query Builder